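We have read the tutorials, but we still don't understand the whole thing (we are following this: http://www.yiiframework.com/doc-2.0/guide-security-authorization.html). Most of them use the advanced template, but we only use the basic template.
My question is: do we need to make another controller for RBAC? Where do we put code like this, for example:
    $r->init();
    $r->createRole("bizadmin","Biz Administrator");
    $r->save();
    $r->assign('2','bizadmin');
Which database tables do we need to create? We have already created the user table, but don't know what to do next.
I hope someone can give a detailed explanation.
Please help. We are still very new to this. Thanks.
Edit:
We tried this: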
    public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::className(),
                'rules' => [
                    [
                        'actions' => ['login', 'error'], // Define specific actions
                        'allow' => true, // Has access
                        'roles' => ['@'], // '@' All logged in users / or your access role e.g. 'admin', 'user'
                    ],
                    [
                        'allow' => false, // Do not have access
                        'roles' => ['?'], // Guests '?'
                    ],
                ],
            ],
            'verbs' => [
                'class' => VerbFilter::className(),
                'actions' => [
                    'logout' => ['post'],
                ],
            ],
        ];
    }

    public function actionIndex()
    {
        $r = new DbManager;
        $r->init();
        $r->createRole("bizadmin","Biz Administrator");
        $r->save();
        $r->assign('2','bizadmin');
        return $this->render('index');
    }
But we got this error:
exception 'yii\web\ForbiddenHttpException' with message 'Login Required' in C:\wamp3\www\basic\vendor\yiisoft\yii2\web\User.php:431
Stack trace:
#0 C:\wamp3\www\basic\vendor\yiisoft\yii2\filters\AccessControl.php(149): yii\web\User->loginRequired()
#1 C:\wamp3\www\basic\vendor\yiisoft\yii2\filters\AccessControl.php(126): yii\filters\AccessControl->denyAccess(Object(yii\web\User))
#2 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\ActionFilter.php(71): yii\filters\AccessControl->beforeAction(Object(yii\web\ErrorAction))
#3 [internal function]: yii\base\ActionFilter->beforeFilter(Object(yii\base\ActionEvent))
#4 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Component.php(538): call_user_func(Array, Object(yii\base\ActionEvent))
#5 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Controller.php(259): yii\base\Component->trigger('beforeAction', Object(yii\base\ActionEvent))
#6 C:\wamp3\www\basic\vendor\yiisoft\yii2\web\Controller.php(108): yii\base\Controller->beforeAction(Object(yii\web\ErrorAction))
#7 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Controller.php(149): yii\web\Controller->beforeAction(Object(yii\web\ErrorAction))
#8 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Module.php(455): yii\base\Controller->runAction('error', Array)
#9 C:\wamp3\www\basic\vendor\yiisoft\yii2\web\ErrorHandler.php(80): yii\base\Module->runAction('site/error')
#10 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\ErrorHandler.php(95): yii\web\ErrorHandler->renderException(Object(yii\web\ForbiddenHttpException))
#11 [internal function]: yii\base\ErrorHandler->handleException(Object(yii\web\ForbiddenHttpException))
#12 {main}
Previous exception:
exception 'yii\web\ForbiddenHttpException' with message 'Login Required' in C:\wamp3\www\basic\vendor\yiisoft\yii2\web\User.php:431
Stack trace:
#0 C:\wamp3\www\basic\vendor\yiisoft\yii2\filters\AccessControl.php(149): yii\web\User->loginRequired()
#1 C:\wamp3\www\basic\vendor\yiisoft\yii2\filters\AccessControl.php(126): yii\filters\AccessControl->denyAccess(Object(yii\web\User))
#2 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\ActionFilter.php(71): yii\filters\AccessControl->beforeAction(Object(yii\base\InlineAction))
#3 [internal function]: yii\base\ActionFilter->beforeFilter(Object(yii\base\ActionEvent))
#4 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Component.php(538): call_user_func(Array, Object(yii\base\ActionEvent))
#5 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Controller.php(259): yii\base\Component->trigger('beforeAction', Object(yii\base\ActionEvent))
#6 C:\wamp3\www\basic\vendor\yiisoft\yii2\web\Controller.php(108): yii\base\Controller->beforeAction(Object(yii\base\InlineAction))
#7 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Controller.php(149): yii\web\Controller->beforeAction(Object(yii\base\InlineAction))
#8 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Module.php(455): yii\base\Controller->runAction('login', Array)
#9 C:\wamp3\www\basic\vendor\yiisoft\yii2\web\Application.php(83): yii\base\Module->runAction('site/login', Array)
#10 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Application.php(375): yii\web\Application->handleRequest(Object(yii\web\Request))
#11 C:\wamp3\www\basic\web\index.php(12): yii\base\Application->run()
#12 {main}
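The trace above shows the access filter rejecting a guest on `site/login` and then again on `site/error`: the first rule opens those two actions only to `'@'` (logged-in users), so guests fall through to the deny rule. An access-rule layout that keeps the login and error pages reachable, as an added example that is not part of the original post (the `logout` rule and the restriction of `index` to the `bizadmin` role are assumptions):

```php
<?php
// controllers/SiteController.php (basic template), added example.
// Assumption: 'index' should be limited to the RBAC role 'bizadmin'.
namespace app\controllers;

use yii\filters\AccessControl;
use yii\filters\VerbFilter;
use yii\web\Controller;

class SiteController extends Controller
{
    public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::className(),
                'rules' => [
                    [
                        // No 'roles' key: the rule matches guests and logged-in
                        // users alike, so the login form and error page load.
                        'actions' => ['login', 'error'],
                        'allow' => true,
                    ],
                    [
                        // '@' = any authenticated user.
                        'actions' => ['logout'],
                        'allow' => true,
                        'roles' => ['@'],
                    ],
                    [
                        // Any other name is checked with Yii::$app->user->can(),
                        // which requires a configured authManager component.
                        'actions' => ['index'],
                        'allow' => true,
                        'roles' => ['bizadmin'],
                    ],
                    // Actions matched by no rule are denied by default.
                ],
            ],
            'verbs' => [
                'class' => VerbFilter::className(),
                'actions' => ['logout' => ['post']],
            ],
        ];
    }
}
```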
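Answer 0 (score: 6)
1) You don't need another controller for RBAC.
2) To generate the RBAC data, you should do it this way - http://www.yiiframework.com/doc-2.0/guide-security-authorization.html#building-authorization-data - and run
    yii rbac/init
Edit:
Adding more from my project.
I created the RBAC data. I have 2 files. The first is items.php: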
    <?php
    return [
        'dashboard' => [
            'type' => 2,
            'description' => 'Админ панель',
        ],
        'user' => [
            'type' => 1,
            'description' => 'Администратор',
            'ruleName' => 'userRole',
        ],
        'moder' => [
            'type' => 1,
            'ruleName' => 'userRole',
            'children' => [
                'user',
                'dashboard',
            ],
        ],
        'admin' => [
            'type' => 1,
            'ruleName' => 'userRole',
            'children' => [
                'moder',
            ],
        ],
    ];
The second is rules.php:
    <?php
    return [
        'userRole' => 'O:35:"common\\components\\rbac\\UserRoleRule":3:{s:4:"name";s:8:"userRole";s:9:"createdAt";N;s:9:"updatedAt";N;}',
    ];
In the config, set it in the components section:
    'authManager' => [
        'class' => 'yii\rbac\PhpManager',
        'defaultRoles' => ['user','moder','admin'],
        'itemFile' => '@common/components/rbac/items.php',
        'assignmentFile' => '@common/components/rbac/assignments.php',
        'ruleFile' => '@common/components/rbac/rules.php'
    ],
Check in the controller:
    if (\Yii::$app->user->can('createPost')) {
        // create post
    }
The access control filter (http://www.yiiframework.com/doc-2.0/guide-security-authorization.html#access-control-filter) is a very simple form of authorization. It provides two states: authenticated user or NOT authenticated user (guest).
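What `yii rbac/init` can look like in the basic template when the data is kept in database tables, as an added example that is not the answerer's project code. It assumes `authManager` is set to `yii\rbac\DbManager` in both `config/web.php` and `config/console.php`; the `bizadmin` role and user ID 2 come from the question, and the `createPost` description is a made-up label.

```php
<?php
// commands/RbacController.php (basic template), added example.
// Run once from the project root:
//   yii migrate --migrationPath=@yii/rbac/migrations
//     (creates auth_item, auth_item_child, auth_assignment, auth_rule)
//   yii rbac/init
// Assumption: config/web.php and config/console.php both contain
//   'authManager' => ['class' => 'yii\rbac\DbManager'],
namespace app\commands;

use Yii;
use yii\console\Controller;

class RbacController extends Controller
{
    public function actionInit()
    {
        $auth = Yii::$app->authManager;

        // Wipes roles, permissions, rules AND user assignments, so this
        // command is for initial setup, not for routine changes.
        $auth->removeAll();

        // Permission that controllers test with
        // Yii::$app->user->can('createPost').
        $createPost = $auth->createPermission('createPost');
        $createPost->description = 'Create a post'; // hypothetical label
        $auth->add($createPost);

        // Role named in the question.
        $bizadmin = $auth->createRole('bizadmin');
        $bizadmin->description = 'Biz Administrator';
        $auth->add($bizadmin);

        // The role inherits the permission.
        $auth->addChild($bizadmin, $createPost);

        // Grant the role to the user whose ID is 2.
        $auth->assign($bizadmin, 2);

        $this->stdout("RBAC data initialised.\n");
    }
}
```

Keeping this in a console command rather than a web action means no HTTP request can rebuild or reassign roles.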